How safe is a flashdrive? | Bitcointalksearch.org

Eternu

sr. member

Activity: 560

Merit: 257

Quote from: ulhaq on May 26, 2017, 11:04:32 AM

I have heard suggestions here to have an offline computer where keys are stored. Even transactions that need to be paid can be saved, entered into the offline computer, signed, and the confirmation transferred back to the flashdrive to be uploaded to the internet. But this requires a flashdrive to go back and forth. So how much does that compromise security?

If one only transmits specific files back and forth to the flashdrive, is it safe? Or is it possible for a program to install itself unknowingly on the flashdrive while in the internet-connected computer?

If i remember right, and as far as i know there are programs that can install them self on your computer without you knowing it, i mean from flash-drive. But there could be something that a person could do to maximize protection of computer. First do not give flesh-drive to anyone and do not use it on computer that you are not sure it is safe to use, second have a good antivirus program, but even with that you can not be safe 100 percents.

ulhaq

sr. member

Activity: 503

Merit: 286

So for storage purposes, and something that could be kept in a safe deposit box, what would be recommended? Hardware wallets are okay for bitcoin and a few other cryptocurrencies, but not for the vast majority. Using paper is cumbersome if there are a number of different cryptocurrencies, and optical recognition software would be necessary to scan in encrypted keys.

CDs and flashdrives are both ill-advised according to posts above. But from my research on flashdrives, as long as they are used periodically they should maintain integrity? Eg, I could insert them in a computer once/year. It would not be my only backup.

machinek20

hero member

Activity: 840

Merit: 501

It is not safe at all to used flashdrive, usually virus infected from the flashdrive, this indicates that flashdrive is not a good protection from malware and flashdrive is easily broken even without anyone using it, it can suddenly broke

Mike Mayor

hero member

Activity: 966

Merit: 535

Bad idea using a flash drive. It's called flash for a reason. It will not contain the data you want after a few years. The data is flash so it will clear eventually. Is an external HDD. It works because the data is written onto the drive plates. Please please please don't use any flash memory to save important things. They not Kent to store data they for transporting.

vapourminer

legendary

Activity: 4354

Merit: 3614

what is this "brake pedal" you speak of?

Quote from: ulhaq on June 04, 2017, 11:57:03 AM

Quote from: darkangel11 on May 31, 2017, 04:35:49 PM

Quote from: Terraformer on June 01, 2017, 07:34:04 AM

If you desperately want to use SD Cards or USB drives/flash drives go out and by three high quality ones

The smartest thing i have heard today. I recommend the same approach, but instead of flash drive can be used quality CD+R disk. You can add information to it, with no afraid to erase previous session.

How long will a CR+R disk last compared to a flashdrive?

archive quality cds:

http://www.verbatim.com/subcat/optical-media/cd/archival-grade-gold-cd-r/

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: bobitza202 on June 04, 2017, 07:59:37 PM

Quote from: ?? on ??

Quote from: Terraformer on June 01, 2017, 07:34:04 AM

Quote

If you desperately want to use SD Cards or USB drives/flash drives go out and by three high quality ones

The smartest thing i have heard today. I recommend the same approach, but instead of flash drive can be used quality CD+R disk. You can add information to it, with no afraid to erase previous session.

How long will a CR+R disk last compared to a flashdrive?

A CD will probably last more, i have a Bach Concert cd from 87' and it still works Cheesy

it depends on the quality of that disk too. i have a bunch of CDs that had some valuable stuff on them and i don't know if they were shitty Chinese product or what but they stopped working after a couple of months!
it is always best to keep additional backups from a sensitive information like private keys which are holding your money!

p.s. your CD is as old as me Grin

U2

hero member

Activity: 676

Merit: 503

I used to be indecisive, but now I'm not sure...

Quote from: ?? on ??

Quote from: Terraformer on June 01, 2017, 07:34:04 AM

Quote

If you desperately want to use SD Cards or USB drives/flash drives go out and by three high quality ones

The smartest thing i have heard today. I recommend the same approach, but instead of flash drive can be used quality CD+R disk. You can add information to it, with no afraid to erase previous session.

How long will a CR+R disk last compared to a flashdrive?

It's way less ... practical to store and would be ruined so much easier. One scratch and you're screwed. Saying your music still works is all well and good, but what if you were storing tens of thousands of dollars on that CD? You wouldn't want it somewhere more secure?

bobitza202

sr. member

Activity: 489

Merit: 253

Quote from: ?? on ??

Quote from: Terraformer on June 01, 2017, 07:34:04 AM

Quote

If you desperately want to use SD Cards or USB drives/flash drives go out and by three high quality ones

The smartest thing i have heard today. I recommend the same approach, but instead of flash drive can be used quality CD+R disk. You can add information to it, with no afraid to erase previous session.

How long will a CR+R disk last compared to a flashdrive?

A CD will probably last more, i have a Bach Concert cd from 87' and it still works Cheesy

ulhaq

sr. member

Activity: 503

Merit: 286

Quote from: darkangel11 on May 31, 2017, 04:35:49 PM

Quote from: ulhaq on May 26, 2017, 11:04:32 AM

I have heard suggestions here to have an offline computer where keys are stored. Even transactions that need to be paid can be saved, entered into the offline computer, signed, and the confirmation transferred back to the flashdrive to be uploaded to the internet. But this requires a flashdrive to go back and forth. So how much does that compromise security?

If one only transmits specific files back and forth to the flashdrive, is it safe? Or is it possible for a program to install itself unknowingly on the flashdrive while in the internet-connected computer?

First of all, there's no need to be so scared and overprotective. It all depends on how much money you're storing and how secure is your network and apartment.
I've been using hardware wallets on my online computers for many years with no problems.

You can safely store coins on your pc, even if it's online. You only have to remember about basic security measures (link clicking, opening attachments, entering suspicious sites), have good anti virus software and never store your passwords on your pc.

If you're determined to use an offline PC, connecting it for a minute to send transaction is perfectly safe and nobody will have time to hack you in those 2 minutes that you need to pay and disconnect.

So turning off the Wifi using the linux GUI is relatively safe in terms of knowing that it is actually turned off? I am planning on downloading and installing some basic software on a clean laptop and will then turn off the Wifi, generate encrypted passwords, and then later perhaps not connect to the internet, or maybe infrequently as you have mentioned.

Quote from: Terraformer on June 01, 2017, 07:34:04 AM

Quote

If you desperately want to use SD Cards or USB drives/flash drives go out and by three high quality ones

The smartest thing i have heard today. I recommend the same approach, but instead of flash drive can be used quality CD+R disk. You can add information to it, with no afraid to erase previous session.

How long will a CR+R disk last compared to a flashdrive?

hexafraction

sr. member

Activity: 392

Merit: 268

Tips welcomed: 1CF4GhXX1RhCaGzWztgE1YZZUcSpoqTbsJ

Quote from: Terraformer on June 01, 2017, 07:34:04 AM

Quote

If you desperately want to use SD Cards or USB drives/flash drives go out and by three high quality ones

The smartest thing i have heard today. I recommend the same approach, but instead of flash drive can be used quality CD+R disk. You can add information to it, with no afraid to erase previous session.

CD-R disks are susceptible to chemical degradation.

Terraformer

sr. member

Activity: 574

Merit: 251

Quote

If you desperately want to use SD Cards or USB drives/flash drives go out and by three high quality ones

The smartest thing i have heard today. I recommend the same approach, but instead of flash drive can be used quality CD+R disk. You can add information to it, with no afraid to erase previous session.

Pencil Pastel

newbie

Activity: 19

Merit: 0

A flashdrive is bad for long-term backup. Hey static memory and clear when they haven't had any power for awhile.

darkangel11

legendary

Activity: 2478

Merit: 1360

Don't let others control your BTC -> self custody

Quote from: ulhaq on May 26, 2017, 11:04:32 AM

I have heard suggestions here to have an offline computer where keys are stored. Even transactions that need to be paid can be saved, entered into the offline computer, signed, and the confirmation transferred back to the flashdrive to be uploaded to the internet. But this requires a flashdrive to go back and forth. So how much does that compromise security?

If one only transmits specific files back and forth to the flashdrive, is it safe? Or is it possible for a program to install itself unknowingly on the flashdrive while in the internet-connected computer?

First of all, there's no need to be so scared and overprotective. It all depends on how much money you're storing and how secure is your network and apartment.
I've been using hardware wallets on my online computers for many years with no problems.

You can safely store coins on your pc, even if it's online. You only have to remember about basic security measures (link clicking, opening attachments, entering suspicious sites), have good anti virus software and never store your passwords on your pc.

If you're determined to use an offline PC, connecting it for a minute to send transaction is perfectly safe and nobody will have time to hack you in those 2 minutes that you need to pay and disconnect.

Pencil Pastel

newbie

Activity: 19

Merit: 0

It is very much possible for viruses to install on flash drives. Remember some are so nasty and clever that when removed off your HDD they simply move over to your ram. Now ofcoarse you don't know this so it's very frustrating. Your antivirus should automatically even so if the flashdrive is infected then so are the pcs you transferring between.

Immakillya

sr. member

Activity: 560

Merit: 269

Instead using flashdrive. Why not use ledger wallet. Its a hardware wallet which more safer because they have better security feature. They have USB and bluetooth capabilities. But still, they are not fool proof. No matter how safe your wallet to keep your btc. If you don't know how to take care of it.

Emoclaw

sr. member

Activity: 420

Merit: 251

Quote from: hexafraction on May 30, 2017, 03:13:37 PM

Quote from: Emoclaw on May 30, 2017, 08:17:53 AM

Modern NAND controllers do garbage collection. In that case, simply plugging it in so as to prevent or slow down data degradation is enough. Flash vendors usually include more cells than are available to write data on, in order to 'replace' other worn-out cells.
Under normal conditions, NAND cells can retain a charge for a couple of years. This is enough for most use-cases, but definitely not enough for cold or archival storage.

I agree that NAND controllers do garbage collection on write. However, could you provide a source that suggests that they do so on reads as well? I would assume that they don't because a GC operation will lead to wear on the flash cells as data is relocated (i.e. using up remaining "write cycles"), while reading typically does not lead to such aging/wear.

Actually I was wrong. Bad blocks in NAND can only be identified in a program (write) or erase operation. Only then is the data relocated to the next good block. Those bad blocks are marked in the spare area (the extra cells vendors add) in a bad block table.
Therefore I suppose that you'd also have to run chkdsk each time to locate the bad block.

hexafraction

sr. member

Activity: 392

Merit: 268

Tips welcomed: 1CF4GhXX1RhCaGzWztgE1YZZUcSpoqTbsJ

Quote from: Emoclaw on May 30, 2017, 08:17:53 AM

Modern NAND controllers do garbage collection. In that case, simply plugging it in so as to prevent or slow down data degradation is enough. Flash vendors usually include more cells than are available to write data on, in order to 'replace' other worn-out cells.
Under normal conditions, NAND cells can retain a charge for a couple of years. This is enough for most use-cases, but definitely not enough for cold or archival storage.

I agree that NAND controllers do garbage collection on write. However, could you provide a source that suggests that they do so on reads as well? I would assume that they don't because a GC operation will lead to wear on the flash cells as data is relocated (i.e. using up remaining "write cycles"), while reading typically does not lead to such aging/wear.

Emoclaw

sr. member

Activity: 420

Merit: 251

Quote from: hexafraction on May 29, 2017, 02:19:20 PM

Quote from: Emoclaw on May 29, 2017, 02:10:34 PM

The best option for you would be to use a paper wallet for archival-style/cold storage of your cryptocurrency. But if you absolutely must use digital storage, do so on a machine that is running Linux to minimize risk, and make sure that you plug in the device(s) from time to time (but that would defeat the purpose of cold storage). Some malware could even just delete your wallet file or re-encrypt it, in which case you should enable write-protection.

Plugging the device in may or may not do anything for flash memory degradation. Assuming NAND flash, simply powering the memory and performing reads won't do anything about leakage from the floating gates of the actual flash cells; flash doesn't refresh on read like DRAM does.

Modern NAND controllers do garbage collection. In that case, simply plugging it in so as to prevent or slow down data degradation is enough. Flash vendors usually include more cells than are available to write data on, in order to 'replace' other worn-out cells.
Under normal conditions, NAND cells can retain a charge for a couple of years. This is enough for most use-cases, but definitely not enough for cold or archival storage.

italianMiner72

hero member

Activity: 910

Merit: 511

Quote from: erikalui on May 29, 2017, 02:45:00 PM

Encrypted or not flashdrives or hard drives aren't safe for saving security data but instead of using a flashdrive, it's recommended to use a hard drive for any information that needs to be protected and then create multiple copies of the same in case of data degradation on one. Flashdrives can be prone to virus or malware and it can fail more compared to hard drives or SSDs.

But why all this problems ??
All of us know who bitcoin wallet.dat stolen was in pc's with security level / users behaviors not = at Zero .. but negative :-)
I think, have a firewall plus antivirus on PC is good.
... do not open spam email link it's another good behaviour.
More sucurity again, use 2 bitcoin wallet:
One for the daily ops with the minimal balance, and the second with all your booty, better if stored in a backup offline virtual machine ... not important if windows o Linux.

erikalui

legendary

Activity: 2632

Merit: 1094

Encrypted or not flashdrives or hard drives aren't safe for saving security data but instead of using a flashdrive, it's recommended to use a hard drive for any information that needs to be protected and then create multiple copies of the same in case of data degradation on one. Flashdrives can be prone to virus or malware and it can fail more compared to hard drives or SSDs.

Topic: How safe is a flashdrive? (Read 2117 times)